Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-c4r5-4x67-4w7c

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.

Ссылки

EPSS

Процентиль: 74%
0.00827
Низкий

CVE ID

CVE-2020-15717

Связанные уязвимости

nvd логотип

CVE-2020-15717

CVSS3: 6.1
nvd
больше 5 лет назад

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL.

EPSS

Процентиль: 74%
0.00827
Низкий

CVE ID

CVE-2020-15717